redfish_authorization/resource_uri_override.h - gbmcweb - Git at Google

 #ifndef THIRD_PARTY_MILOTIC_EXTERNAL_CC_AUTHZ_RESOURCE_URI_OVERRIDE_H_
 #define THIRD_PARTY_MILOTIC_EXTERNAL_CC_AUTHZ_RESOURCE_URI_OVERRIDE_H_

 #include <string>
 #include <vector>

 #include "absl/container/flat_hash_map.h"
 #include "absl/strings/string_view.h"
 #include "authorizer_enums.h"
 #include "override.h"
 #include "redfish_privileges.h"

 namespace milotic::authz {
 /*
   ResourceUriOverride is a special type of override that checks whether the
 request's uri is a subordinate of the target list.

   Example: Imagine this below is part of the Ethernet entity mapping
 "ResourceUriOverride": {
   "Targets": [
     "/redfish/v1/Manager/Chassis/1",
   ],
   "OperationMap": {
     ...
   }
 }

 This resource uri override above only applies to URIs who match one of the
 elements in the target list. Since the redfish route has a wildcard on
 Chassis/<str>, it routes all of the Chassis through the same privileges, but if
 we wanted to override the privilege on Chassis/1, this above override would do
 so.
 */
 class ResourceUriOverride : public Override {
  public:
   ResourceUriOverride(
       const std::vector<std::string>& targets,
       const absl::flat_hash_map<ecclesia::Operation,
                                 std::vector<RedfishPrivileges>>& operation_map)
       : Override(targets, operation_map) {}

   bool IsApplicable(absl::string_view uri,
                     ecclesia::Operation operation) const override;

   Override::Type GetOverrideType() const override;
 };

 }  // namespace milotic::authz
 #endif  // THIRD_PARTY_MILOTIC_EXTERNAL_CC_AUTHZ_RESOURCE_URI_OVERRIDE_H_
	#ifndef THIRD_PARTY_MILOTIC_EXTERNAL_CC_AUTHZ_RESOURCE_URI_OVERRIDE_H_
	#define THIRD_PARTY_MILOTIC_EXTERNAL_CC_AUTHZ_RESOURCE_URI_OVERRIDE_H_

	#include <string>
	#include <vector>

	#include "absl/container/flat_hash_map.h"
	#include "absl/strings/string_view.h"
	#include "authorizer_enums.h"
	#include "override.h"
	#include "redfish_privileges.h"

	namespace milotic::authz {
	/*
	ResourceUriOverride is a special type of override that checks whether the
	request's uri is a subordinate of the target list.

	Example: Imagine this below is part of the Ethernet entity mapping
	"ResourceUriOverride": {
	"Targets": [
	"/redfish/v1/Manager/Chassis/1",
	],
	"OperationMap": {
	...
	}
	}

	This resource uri override above only applies to URIs who match one of the
	elements in the target list. Since the redfish route has a wildcard on
	Chassis/<str>, it routes all of the Chassis through the same privileges, but if
	we wanted to override the privilege on Chassis/1, this above override would do
	so.
	*/
	class ResourceUriOverride : public Override {
	public:
	ResourceUriOverride(
	const std::vector<std::string>& targets,
	const absl::flat_hash_map<ecclesia::Operation,
	std::vector<RedfishPrivileges>>& operation_map)
	: Override(targets, operation_map) {}

	bool IsApplicable(absl::string_view uri,
	ecclesia::Operation operation) const override;

	Override::Type GetOverrideType() const override;
	};

	} // namespace milotic::authz
	#endif // THIRD_PARTY_MILOTIC_EXTERNAL_CC_AUTHZ_RESOURCE_URI_OVERRIDE_H_